Cryptocurrency 101: What cops need to know about crime, cryptocurrencies and the dark web

Criminals are turning to a new platform – cryptocurrency – to hide money, making it nearly impossible for local and state agencies to investigate


Criminals are slowly turning away from traditional money crimes like robbery and burglary to focus on white-collar crimes, which yield better returns with significantly less chance of being caught. However, due to harsher fraud sentencing guidelines and the threat of losing money and property to asset forfeiture, many of these criminals are turning to a new platform – cryptocurrency – to hide money, making it very difficult for local and state agencies to investigate.

Bitcoin, Ethereum, Litecoin and Ripple are some of the 1,600+ cryptocurrencies available for purchase. Some, like Monero and Zcash, were specifically designed by money launderers to make it harder for law enforcement to track and seize. Monero even brags on its website that its currency is “designed to be private, secure and untraceable.”

What is cryptocurrency?

This April 3, 2013 photo shows bitcoin tokens at 35-year-old software engineer Mike Caldwell's shop in Sandy, Utah. (AP Photo/Rick Bowmer)

In 2008, Satoshi Nakamoto released a conceptual paper titled “Bitcoin: A peer-to-peer electronic cash system.”

“The concept was quite elaborate: Introduce an anonymous global payment system based on decentralized digital currency where the network of users replaces the need for a centralized government-issued fiat currency,” said Jay Fawcett, a retired detective with the Mesa (Arizona) Police Department. Decentralized digital currencies do not use intermediaries, which makes them a very attractive alternative for criminals.

Cryptocurrencies are decentralized virtual currencies run on a peer-to-peer computer network, with Bitcoin being the largest and most traded. In other words, cryptocurrency is a “digital” form of money not associated with a central repository. Money flows in and out of the system through users’ computers, similar to how Napster traded MP3 songs and videos from 1999-2002. Instead of making purchases using a credit or debit card, a user can make purchases by using a digital wallet. The user can transfer money to others quickly, securely, anonymously and cheaply. Chargebacks – when a credit card company reverses a charge – do not exist in the cryptocurrency world because all transactions are final.

Cryptocurrency transactions are verified using high-powered computer equipment. Each transaction is placed in a string with other transactions. This is called the blockchain. The individual block is then assigned a cryptograph-hash based on SHA256 encryption. The block, which contains several transactions, is then verified by miners. Using their modified “computers,” miners solve the cryptograph and receive a small portion of the fee, which is based on the byte size of the transaction. But the real incentive is the block reward that is given to the miner who solves the hash and confirms a block. This is called mining, hence the term “miner.” The more transactions that are verified by miners, the harder the future cryptographs will be to solve. The harder the cryptograph, the larger the byte size of the transaction, and the larger the byte size, the more money a miner can make.
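
The block hashing described above, shown on Bitcoin's first ("genesis") block as an added example that is not part of the original article: Bitcoin runs SHA-256 twice over an 80-byte block header, and a block counts as solved only when the resulting hash is below a target encoded in that header. The header fields are the publicly known genesis block values; the function names are chosen for this example.

```python
import hashlib
import struct

def block_header(version, prev_hash_hex, merkle_root_hex, timestamp, bits, nonce):
    """Serialize the 80-byte Bitcoin block header (all fields little-endian)."""
    return (struct.pack("<I", version)
            + bytes.fromhex(prev_hash_hex)[::-1]      # hash of the previous block (the "chain")
            + bytes.fromhex(merkle_root_hex)[::-1]    # digest summarizing the block's transactions
            + struct.pack("<III", timestamp, bits, nonce))

def block_hash(header: bytes) -> str:
    """Block hash: SHA-256 applied twice, displayed byte-reversed as hex."""
    return hashlib.sha256(hashlib.sha256(header).digest()).digest()[::-1].hex()

def target_from_bits(bits: int) -> int:
    """Expand the compact 'bits' field into the full 256-bit difficulty target."""
    exponent, mantissa = bits >> 24, bits & 0x00FFFFFF
    return mantissa << (8 * (exponent - 3))

def meets_target(header: bytes, bits: int) -> bool:
    """A block is 'solved' when its hash, read as a number, is below the target."""
    return int(block_hash(header), 16) < target_from_bits(bits)

# Publicly known header fields of the Bitcoin genesis block (3 January 2009).
GENESIS = dict(
    version=1,
    prev_hash_hex="00" * 32,  # no previous block
    merkle_root_hex="4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b",
    timestamp=1231006505,
    bits=0x1D00FFFF,
    nonce=2083236893,         # the value the miner had to search for
)

def demo():
    """Hash the real header, then a copy whose nonce differs by one."""
    good = block_header(**GENESIS)
    tampered = block_header(**{**GENESIS, "nonce": GENESIS["nonce"] + 1})
    return (block_hash(good),
            meets_target(good, GENESIS["bits"]),
            meets_target(tampered, GENESIS["bits"]))

if __name__ == "__main__":
    print(demo())
```

Changing any header field, including the digest that covers the transactions, produces an unrelated hash that no longer meets the target, which is why a confirmed transaction cannot be quietly edited afterwards.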

Justin B., an Arizona Bitcoin miner, told me during a 2016 interview, “I’m in it for the money! I plug it in, hook it up to the internet, download the program and digital wallet and make money.” Justin has been mining bitcoins since 2013, but is switching from Bitcoin to two other cryptocurrencies because of the electricity consumption it now takes to solve these complex cryptographs.

A secure, cheap, non-reversible, anonymous way to transfer money sounds like a too-good-to-be-true sales pitch, but it is exactly why many businesses and criminal organizations are now accepting cryptocurrencies as payment.

Dark web

A recent report found that Google, the world’s largest search engine, only finds between 1 and 13 percent of total web traffic. Most online information is housed on the deep web, not the world wide web. The deep web refers to the parts of the web that are not indexed by search engines. In other words, public search engines cannot search information housed on the deep web. Your agency is likely using the deep web, but calls it by another name like “intraweb.”

The dark web is part of the deep web, but can only be accessed using specialized browsers like The Onion Router (Tor) or I2P. Once accessed and if they know where to look, a viewer can find anything. Drugs, weapons, stolen art and pornography are easily accessible. Stolen cultural artifacts and art, non-traditional weapons like rocket launchers, child pornography and people (for human trafficking), are typically found by using member chat rooms and personal referrals.  

The opioid epidemic and the dark web

All types of drugs are easily found and purchased on the dark web. All a purchaser needs is a cryptocurrency wallet with Bitcoin, Monero or Zcash, an address to ship their drug of choice to, and a computer or smartphone. Once the purchaser finds what they want, they click “buy” then “proceed to checkout.” They enter their shipping information and click pay. The experience is very similar to checking out with a PayPal account and only takes a few minutes.

The difficult part of combating drug sales on the dark web stems from the sellers who sell only usable amounts of drugs at a time. Although some sellers may choose to sell in bulk, most U.S. sellers prefer to sell small doses (5-20 pills) using standard envelopes or small bubble envelopes. Small envelopes shipped from inside the U.S. have a very low chance of being intercepted or even screened by law enforcement. This is not the case with international shipments, which are receiving more scrutiny than before. The bad guys know that larger parcels are easier to intercept than envelopes, which is why most choose to ship small doses.

Recreational buyers like to purchase drugs from dark web vendors because it is highly unlikely they will be caught and publicly humiliated. Buyers can have drugs discreetly shipped directly to their home, usually via USPS for privacy reasons. Most orders even ship within 24 hours and come with guaranteed delivery. This easy-to-use, private, reliable and low-risk option makes it a perfect choice for a working-class drug user.

Fentanyl is commonly used in lieu of heroin but marketed as heroin. This is a major driver of the current opioid crisis in America.

Recognition & documentation: 3 things to educate your cops about cryptocurrency

An officer in a suburb of Phoenix, Arizona, stopped a vehicle for a civil traffic violation. After finding marijuana and prescription medication packaged in small micro-baggies, the officer arrested the driver on drug sales. When he was searching the drug dealer’s car, he found several Bitcoin ATM receipts. The driver would sell drugs then deposit his proceeds directly into a Bitcoin ATM, preventing the proceeds from being seized by asset forfeiture detectives. The officer did a great job with his investigation and even noted in the report that he found Bitcoin ATM receipts. What he forgot to do – because he never was instructed otherwise – was to forward that case to a detective for immediate follow-up.

A follow-up with the cryptocurrency ATM owner is important. If they are compliant, which is required by U.S. law, they would have all the information about the transaction. If the owner of the ATM is not keeping know-your-client (KYC) information, then charge him/her with federal crimes (18 U.S.C. § 1960) or your state’s KYC criminal code.

It used to be very difficult for law enforcement agencies to track how cryptocurrencies play a role in crime, but there are cryptocurrency intelligence companies making it easier. The first step to combatting crypto-crimes is proper identification and tracking.

There are three things all police agencies should document in their police reports regarding cryptocurrency. It is important to note that not all cryptocurrency users are criminals; however, if a drug dealer or child pornographer has any of the following, you might draw inferences that they are involved in crypto-crime:

1. Cryptocurrency receipts

Documentation of cryptocurrency receipts is important especially if the officer is going to charge money laundering. Currently, Bitcoin (BTC), Litecoin (LTC) and Ethereum (ETH) are available using ATM services, and others have announced they are developing ATM options for their currency.

For a good money laundering charge, it is important to match the transaction with the blockchain. Technology is available to help match these transactions.
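
One way to do the matching described above, as an added example that is not from the original article or from any vendor's tool. It assumes the receipt shows a time, a destination wallet address and a BTC amount, and that the transaction outputs for that address have already been exported from a block explorer or node; all names, addresses and transaction IDs below are constructed placeholders.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from decimal import Decimal

UTC = timezone.utc

@dataclass(frozen=True)
class Receipt:                  # fields assumed to be printed on the ATM receipt
    printed_at: datetime
    address: str                # destination wallet address
    btc: Decimal                # amount of BTC purchased

@dataclass(frozen=True)
class TxOutput:                 # one output of an on-chain transaction
    txid: str
    address: str
    sats: int                   # 1 BTC = 100,000,000 satoshis
    block_time: datetime

def match_receipt(receipt, outputs, window=timedelta(hours=6),
                  skew=timedelta(minutes=15), tolerance_sats=0):
    """Return outputs that pay the receipt's address the receipt's amount and
    were confirmed between (receipt time - skew) and (receipt time + window).
    `skew` absorbs clock differences between the ATM and block timestamps."""
    want = int(receipt.btc * 100_000_000)
    hits = [o for o in outputs
            if o.address == receipt.address
            and abs(o.sats - want) <= tolerance_sats
            and -skew <= o.block_time - receipt.printed_at <= window]
    return sorted(hits, key=lambda o: o.block_time)

# Constructed sample data (not real addresses or transactions).
RECEIPT = Receipt(datetime(2018, 5, 4, 18, 12, tzinfo=UTC),
                  "ADDR-CONSTRUCTED-1", Decimal("0.0153"))
LEDGER = [
    TxOutput("TXID-CONSTRUCTED-A", "ADDR-CONSTRUCTED-1", 1_530_000,
             datetime(2018, 5, 4, 18, 31, tzinfo=UTC)),   # address, amount and time agree
    TxOutput("TXID-CONSTRUCTED-B", "ADDR-CONSTRUCTED-1", 1_530_000,
             datetime(2018, 5, 9, 9, 0, tzinfo=UTC)),     # same amount, days later
    TxOutput("TXID-CONSTRUCTED-C", "ADDR-CONSTRUCTED-2", 1_530_000,
             datetime(2018, 5, 4, 18, 31, tzinfo=UTC)),   # different address
    TxOutput("TXID-CONSTRUCTED-D", "ADDR-CONSTRUCTED-1", 1_500_000,
             datetime(2018, 5, 4, 18, 40, tzinfo=UTC)),   # different amount
]

if __name__ == "__main__":
    for out in match_receipt(RECEIPT, LEDGER):
        print(out.txid, out.sats, out.block_time.isoformat())
```

A single hit on address, amount and time ties the paper receipt to one transaction ID that can be cited in the report; several hits or none means the window or tolerance needs review before relying on the match.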

It is also a good idea to “flip” ATM owners and recruit them as sources for your investigation.

2. Mining equipment

Most cryptocurrency mining equipment looks the same. There are either a series of rectangular boxes with fans hooked together or individual CPUs linked together. HINT: If it doesn’t look like a traditional computer, you may be looking at a miner.

In the U.S., sole cryptocurrency miners and users are not regulated by the Financial Crimes Enforcement Network (FinCEN), the primary federal regulator. However, if the miner or users act on behalf of another or are dealers in cryptocurrency, then FinCEN regulations apply.

New York State, Connecticut and, just recently, North Carolina, have laws restricting the use of cryptocurrency. As always, consult your prosecutor for details before taking action.

3. Digital wallets

There are multiple types of cryptocurrency digital wallets. Some are web-based, and others are software-based. What is important, especially after the service of a search warrant on a computer or cell phone, is to document the use of cryptocurrency wallets. These are typically in the form of apps. As good practice, use an internet search engine to identify any apps that you do not recognize. If you identify a digital wallet and if the wallet is held by a U.S.-based company, you can apply for a seizure warrant. This should be done quickly since cryptocurrencies can be moved out of a wallet from anywhere in the world.

Cryptocurrency is not a fad, but a complex and serious issue that is here to stay. Lack of regulations, the ability to remain anonymous and untrained police agencies only encourage criminal behavior in the digital environment. Recognizing and documenting basic cryptocurrency issues in your jurisdiction will help your agency take the first step needed to investigate cryptocurrency crime.


Copyright © 2019 PoliceOne.com. All rights reserved.